Skip over navigation

Roxen Interactive RXML Help

<ldap/>

Executes an LDAP operation that change the contents of the directory.

Add (adds an object):

<ldap server="ldap://ldap.foo.com/" op="add" binddn="cn=admin,dc=foo,dc=com" dn="cn=user,dc=foo,dc=edu" attr="(cn:'user')(sn:'surname')(objectClass:'req'd objectClass')" password="<password>" />

Delete (deletes an object):

<ldap server="ldap://ldap.foo.com/" op="delete" binddn="cn=admin,dc=foo,dc=com" dn="cn=user,dc=foo,dc=com" password="<password>" />

Replace (replaces a value of an attribute):

<ldap server="ldap://ldap.foo.com/" op="replace" binddn="cn=admin,dc=foo,dc=com" dn="cn=user,dc=foo,dc=com" attr="(sn:'new value')" password="<password>" />

Modify (adds a second value to an existing attribute):

<ldap server="ldap://ldap.foo.com/" op="modify" binddn="cn=admin,dc=foo,dc=com" dn="cn=user,dc=foo,dc=com" attr="(sn:'additional value')" password="<password>" />

Attributes

server
server=URL (Server URL)

Connection LDAP URL. If omitted the "Default server URL" in the module configuration will be used.

URLs are written on the format: ldap://hostname[:port]/base_DN[?[attribute_list][?[scope][?[filter][?extensions]]]]. For details, see RFC 2255.

binddn
binddn=distinguished name

Applicable only if the "server" attribute is used. This is the bind DN for authentication in the directory server. If the LDAP URL contains a "bindname" extension, that one takes precedence.

password
password=password

Applicable only if the "server" attribute is used. Password for authentication in the directory server. If omitted the empty string will be used.

dn
dn=distinguished name
This attribute is required.

Distinguished name of the object to operate on.

op
op={add, delete, modify, replace}
This attribute is required.

The actual LDAP operation:

  • add

    Add a new object. The "attr" argument specifies the attributes for the new object. The "add-attr" argument also works for this.

  • delete

    Delete an object.

  • modify

    Modify an existing object. The "add-attr", "replace-attr", and "delete-attr" arguments specifies the attribute values to add, replace, and delete, respectively. The same attribute name may not occur in both "add-attr" and "delete-attr".

    For compatibility, the "attr" argument is the same as "add-attr".

  • replace

    This operation exists for compatibility only. It's the same as "modify" except that the "attr" argument is an alias for "replace-attr" instead.

  • attr
    attr=(attr:[val[,...]])[(attr:...)...]

    Specifies the attributes for the new object in the "add" operation.

    The format consists of a series of parentheses on the form "(attr:values)" where attr is the attribute name and values a comma separated list of zero or more values to give it. Whitespace which is ignored may occur around the parentheses, the colon and the commas. Superfluous commas and empty parenthesis pairs are ignored.

    Each value in the values list is either a string literal surrounded by double quotes (") or the name of an RXML variable (without the "&" and ";" around it). JavaScript-like quoting is used inside string literals, e.g. a " is written as \" and a \ is written as \\.

    If an RXML variable has multiple values, i.e. is an array, then all its values are added one by one to the set of values for the attribute. (RXML variables with multiple values commonly occur in the form scope when the browser sends multiple values for the same form variable.)

    For compatibility, string literals may also be surrounded by single quotes ('), but in that case there's no quoting mechanism, so a single quote cannot be written inside.

    The same attribute name may occur in several parentheses. All the values from all the parentheses are simply joined in that case.

    An example:

    (sn: "Zappa") (givenName: form.givenName) (mail: "hello@nowhere.org", "athell@pandemonium.com")

    add-attr
    add-attr=(attr:[val[,...]])[(attr:...)...]

    Specifies the attribute values to add to the object in a "modify" or "add" operation. These attribute values will be added to the existing values for the corresponding attributes in the object.

    A new attribute is added to the object if it doesn't exist already.

    See the description for "attr" for details about the format.

    replace-attr
    replace-attr=(attr:[val[,...]])[(attr:...)...]

    Specifies the attribute values to replace in the object in a "modify" operation. These attribute values will replace the existing values for the corresponding attributes in the object.

    A new attribute is added to the object if it doesn't exist already and the list of values isn't empty. An attribute is removed completely if the list of values is empty and the attribute existed before.

    See the description for "attr" for details about the format.

    delete-attr
    delete-attr=(attr:[val[,...]])[(attr:...)...]

    Specifies the attribute values to delete from the object in a "modify" operation.

    An attribute is removed completely if the list of values is empty or if it specifies all the existing values for the attribute.

    See the description for "attr" for details about the format.

    parse

    If specified, the content of attr will be parsed by the RXML parser.